Bug#729148: Memory corruption vulnerability when using AES-GCM
Package: openssh-server Version: 1:6.2p2-6~bpo7 Severity: grave Tags: patch, security, fixed-upstream The recent security advisory from OpenSSH upstream dated 2013-11-07 mentions that a memory corruption vulnerability exists in the post-authentication sshd process when an AES-GCM cipher (aes128-...@openssh.com or aes256-...@openssh.com) is selected during kex exchange. If exploited, this vulnerability might permit code execution with the privileges of the authenticated user and may therefore allow bypassing restricted shell/command configurations. This only applies to OpenSSH 6.2 and 6.3 built against OpenSSL supporting AES-GCM. It has been fixed in upstream, OpenSSH 6.4. The advisory mentions usage of the following patch: Index: monitor_wrap.c === RCS file: /cvs/src/usr.bin/ssh/monitor_wrap.c,v retrieving revision 1.76 diff -u -p -u -r1.76 monitor_wrap.c --- monitor_wrap.c 17 May 2013 00:13:13 - 1.76 +++ monitor_wrap.c 6 Nov 2013 16:31:26 - @@ -469,7 +469,7 @@ mm_newkeys_from_blob(u_char *blob, int b buffer_init(b); buffer_append(b, blob, blen); - newkey = xmalloc(sizeof(*newkey)); + newkey = xcalloc(1, sizeof(*newkey)); enc = newkey-enc; mac = newkey-mac; comp = newkey-comp; Alternatively, AES-GCM should be disabled in sshd_config as a workaround to this vulnerability. See also: http://www.openssh.com/txt/gcmrekey.adv Linux edi 3.10-0.bpo.3-amd64 #1 SMP Debian 3.10.11-1~bpo70+1 (2013-09-24) x86_64 GNU/Linux openssh-server: 1:6.2p2-6~bpo7 openssl: 1.0.1e-2 -- Patrick Godschalk arg...@argure.nl GPG: https://argure.nl/identity/ecc14594.asc This e-mail falls under the CC0 1.0 Universal Public Domain Dedication. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#729148: Memory corruption vulnerability when using AES-GCM
Hi, On Sat, Nov 09, 2013 at 04:08:50PM +0100, Patrick Godschalk wrote: Package: openssh-server Version: 1:6.2p2-6~bpo7 Severity: grave Tags: patch, security, fixed-upstream The recent security advisory from OpenSSH upstream dated 2013-11-07 mentions that a memory corruption vulnerability exists in the post-authentication sshd process when an AES-GCM cipher (aes128-...@openssh.com or aes256-...@openssh.com) is selected during kex exchange. If exploited, this vulnerability might permit code execution with the privileges of the authenticated user and may therefore allow bypassing restricted shell/command configurations. This only applies to OpenSSH 6.2 and 6.3 built against OpenSSL supporting AES-GCM. It has been fixed in upstream, OpenSSH 6.4. This seems to be the same as #729029? Cheers, GUO Yixuan -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#729148: Memory corruption vulnerability when using AES-GCM
Control: reassign -1 openssh 1:6.2p2-6~bpo70+1 Control: forcemerge -1 729029 On Sat, Nov 09, 2013 at 10:54:33AM -0500, GUO Yixuan wrote: This seems to be the same as #729029? Indeed it is, though a useful reminder that I'll need to update the version in backports as well once this is in unstable. -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#729148: Memory corruption vulnerability when using AES-GCM
Processing control commands: reassign -1 openssh 1:6.2p2-6~bpo70+1 Bug #729148 [openssh-server] Memory corruption vulnerability when using AES-GCM Bug reassigned from package 'openssh-server' to 'openssh'. No longer marked as found in versions 1:6.2p2-6~bpo7. Ignoring request to alter fixed versions of bug #729148 to the same values previously set Bug #729148 [openssh] Memory corruption vulnerability when using AES-GCM There is no source info for the package 'openssh' at version '1:6.2p2-6~bpo70+1' with architecture '' Unable to make a source version for version '1:6.2p2-6~bpo70+1' Marked as found in versions 1:6.2p2-6~bpo70+1. forcemerge -1 729029 Bug #729148 [openssh] Memory corruption vulnerability when using AES-GCM Bug #729148 [openssh] Memory corruption vulnerability when using AES-GCM Added tag(s) upstream and pending. Bug #729029 [openssh] openssh: CVE-2013-4548: Memory corruption in AES-GCM support There is no source info for the package 'openssh' at version '1:6.2p2-6~bpo70+1' with architecture '' Unable to make a source version for version '1:6.2p2-6~bpo70+1' Marked as found in versions 1:6.2p2-6~bpo70+1. Merged 729029 729148 -- 729029: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729029 729148: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729148 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org